BBC 'vague' reporting again!

[Peter Sommer]

Andrew Cormack wrote:
> If a Trojan of this kind counts as an interception (and something that
> can read incoming and outgoing mail between me and my correspondents
> certainly sounds like it) then presumably it couldn't be used as
> evidence anyway under RIPA s.17?
>
> Andrew
>   

Andrew:

The law in this area is both complex and relatively untested,  but here 
goes:

If the email has been delivered to the PC being remotely investigated 
then I think the argument would be that there is no interception so that 
s 17 RIPA would not apply (in the way it would if you had set up a 
monitorung device between the PC and the owner's ISP and had captured 
the email in transit).  I do recognise, though,  there'd be an 
interesting case to be made in respect of an email delivered to the PC 
but not yet read by the owner - a fact which could be established by 
looking at the flags within the email archive.

The technique can be used for anything on the PC including  deleted but 
recoverable material.  If by any chance an investigator or prosecutor 
became worried that particular classes of material might be inadmissible 
they could then seek to make their case with material that was 
definitely admissible.  After all, that is how intercept material is 
used today - the inadmissible content of the phone call tells the 
investigators that the narcotics shipment is arriving/that a bomb 
factory is in operation at a certain location, etc etc,  the police turn 
up and seize enough evidence to secure the conviction.

Peter Sommer